This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
An integer overflow, leading to an array index error, was found in the
way the CCID driver processed a smart card's serial number. A local
attacker could use this flaw to execute arbitrary code with the
privileges of the user running the PC/SC Lite pcscd daemon (root, by
default), by inserting a specially-crafted smart card. (CVE-2010-4530)
This update also fixes the following bug :
- Previously, CCID only recognized smart cards with 5V
power supply. With this update, CCID also supports smart
cards with different power supply.
See also :
Update the affected ccid and / or ccid-debuginfo packages.
Risk factor :
Medium / CVSS Base Score : 4.4
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 65008 ()
CVE ID: CVE-2010-4530